With 2017 crossing the half way point, let's look at some technology trends thus far.

Breaches: Many personal records are half empty due to the continued rash of intrusions while the crooks are half full of our personal information along with some ransom payments. According to the Identity Theft Resource Center (ITRC), there have been 7,689 breaches since 2005 (when they started tracking) compromising – get this – 900,315,392 records. Almost 3 times the U.S. population. In 2016, 56% of all Data Breaches began with a user clicking on a phishing email. The big story for 2017 I think, is the rise of ransomware. Kaspersky reports a 250% increase in ransomware for the first few months of 2017. From WannaCry to Petya to Fusob, criminals are holding systems hostage until a ransom is paid…or not. Ransomware seems to be this year’s big trend with backups saving some from total embarrassment.

DNS: I’ve said it before and I’ll say it again, DNS is one of the most important components of a functioning internet. With that, it presents unique challenges to organizations. 2016 saw record-breaking DNS-based attacks and outages, which thrust DNS management into the spotlight as both a vulnerability and a critical asset. In 2016 DNS provider Dyn experienced a huge DDoS attack taking out many popular websites and internet cameras. And a new attack uncovered this year, DNSMessenger, uses DNS queries to conduct malicious PowerShell commands on compromised computers – a technique that makes the remote access trojan difficult to detect on targeted systems. The need for DNS continues to be half-full with the influx of IoT devices so it’ll continue to be a valuable target for riff-raff.

IoT: What can I say? The cup runneth over…again. Gartner has identified the Top 10 IoT technologies that should be on every organization's radar for 2017 and 2018. They include things like new security risks and challenges to the IoT devices themselves, their platforms and operating systems, their communications, and even the systems to which they're connected. Analytics to understand customer behavior, to deliver services and improve products. Device management, device processors, operating systems, platforms, standards and even the networks IoT devices use are all areas of attention. IoT is really three-quarters full both with the opportunities and potential risks. And the risks can be deadly when monitoring vital information like human vital signs.

Mobile: We are mobile, our devices are mobile and the applications we access are mobile. Mobility, in all its iterations, is a huge enabler and concern for enterprises and it'll only get worse as we start wearing our connected clothing to the office. 5G is still a couple years away but AT&T and Verizon have already lined up trials of their 5G networks for 2017. Mobile is certainly half full and there is no emptying it now.

That's what I got so far and I'm sure 2017's second half will bring more amazement, questions and wonders. We'll do our year-end reviews and predictions for 2018 as we all lament, where did the Year of the Rooster go?

There's that old notion that if you see a glass half full, you're an optimist and if you see it half empty you are a pessimist. I think you need to understand what state the glass itself was before the question. Was it empty and filled half way or was it full and poured out? There's your answer!

If the last 10 years wasn’t warning enough, 2017 will be a huge year for mobile…again. Every year, it seems, new security opportunities, challenges and questions surround the mobile landscape. And now it encompasses more than just the device that causes phantom vibration syndrome, it now involves the dizzying array of sensors, devices and automatons in our households, offices and municipalities. Mobile has infiltrated our society and our bodies along with it.

So the security stakes are high.

The more we become one with our mobile devices, the more they become targets. It holds our most precious secrets which can be very valuable. We need to use care when operating such a device since, in many ways, our lives depend on it. And with the increased automation, digitization and data gathering, there are always security concerns.

So how do we stay safe?

The consumerization of IT technologies has made us all administrators of our personal infrastructure of connected devices. Our digital self has become a life of its own. As individuals we need to stay vigilant about clicking suspicious links, updating software, changing passwords, backing up data, watching financial accounts, having AV/FW and generally locking down devices like we do the doors to our home. Even then, the smartphone enabled deadbolt can be a risk. And we haven’t even touched on mobile payment systems, IoT botnets or the untested, insecure apps on the mobile phone itself.

For enterprises, mobile devices carry an increased risk, especially personal devices connecting to an internal network. From regulatory compliance to the disgruntled employee, keeping sensitive information secret is top concern. BYOD policies and MDM solutions help as does segmenting those devices away from critical info. And the issue isn’t so much seeing restricted information, especially if your job requires it, it is more about unauthorized access if the device is compromised or lost. Many organizations have policies in place to combat this, including a total device wipe…which may also blast your personal keepsakes. The endpoint security market is maturing but won’t fill the ever-present security gaps.

On the industrial side, tractors, weather sensors, street lights, HVAC systems, your car and other critical infrastructure are now mobile devices with their own unique security implications. The Industrial Internet of Things (IIoT) focuses on industrial control systems, device to network access and all the other connective sensor capabilities. These attacks are less frequent, at least today, but the consequences can be huge – taking out industrial plants, buildings, farms, and even entire cities.

The Year of the (Fire) Rooster will soon be upon us and the talkative, outspoken, frank, open, honest, and loyal Rooster could influence events in 2017. Whether you were born under the symbol or not, Roosters strive on trust and responsibility, essential for any organization especially in these times.

A year ago I noted, Mobility, both the state of being and the devices we use, will continue to grow and be an immense enabler and/or inhibitor for organizations. Today, we are the devices, controllers and data generators and we’re interacting, even socially, with a growing list of robots and objects. Security continues to flummox folks both from a development standpoint – talking to you IoT manufacturers – and from a purely personal realm. The more connected devices we have in and around our lives, homes and offices the more opportunities for the bad guys to take advantage.

This is sure to continue as our digital, software-defined lives connect and intersect with the things around us. We’ll likely see a number of significant IoT security discussions coming out of CES this week too with cars and robots the starring attraction this year.

And as our lives – personal and professional – continue to be chronicled on the internet, the various thieves, nation states, and activists will continue to be one step ahead, probing data and looking for that golden slab of info. Making money, causing disruptions, or orchestrating outright take-downs through online attacks are big motivations for those seeking notoriety or simply a big score. But it’s not always from the crook or spy half a globe away. Insider threats, malicious or not, have made traditional concepts of the perimeter almost useless.

While trends like cloud, mobility, IoT, DevOps and big data will consume your attention, securing those trends and how they map to business objectives will come to roost in 2017 and DevCentral is here to help. Let’s try to be smart, practical, open and honest about our challenges and guard against the vain, boastful and attention grabbing bad guys trying to get the best of us.

The 2017 Rooster arrives January 28, 2017 and we’ll need to be prepared and stay calm when the proverbial fan starts spinning.

The time of year when crystal balls get a viewing and many pundits put out their annual predictions for the coming year. Rather than thinking up my own, I figured I’d regurgitate what many others are expecting to happen.

10 IoT Predictions for 2017 – IoT was my number 1 in The Top 10, Top 10 Predictions for 2016 and no doubt, IoT will continue to cause havoc. People focus so much on the ‘things’ themselves rather than the risk of an internet connection. This list discusses how IoT will grow up in 2017, how having a service component will be key, the complete mess of standards and simply, ‘just because you can connect something to the Internet doesn’t mean that you should.’

10 Cloud Computing Trends to Watch in 2017 - Talkin' Cloud posts Forrester’s list of cloud computing predictions for 2017 including how hyperconverged infrastructures will help private clouds get real, ways to make cloud migration easier, the importance (or not) of megaclouds, that hybrid cloud networking will remain the weakest link in the hybrid cloud and that, finally, cloud service providers will design security into their offerings. What a novel idea.

2017 Breach Predictions: The big one is inevitable – While not a list, per se, NetworkWorld talks about how we’ll see more intricate, complex and undetected data integrity attacks and for two main reasons: financial gain and/or political manipulation. Political manipulation? No, that’ll never happen. NW talks about how cyber attacks will get worse due to IoT and gives some ideas on how to protect your data in 2017.

Torrid Networks’ Top 10 Cyber Security Predictions For 2017 – Dhruv Soi looks at the overall cyber security industry and shares that many security product companies will add machine learning twist to their products and at the same time, there will be next-gen malware with an ability to bypass machine learning algorithms. He also talks about the fast adoption of Blockchain, the shift towards mobile exploitation and the increase of cyber insurance in 2017.

Fortinet 2017 Cybersecurity Predictions: Accountability Takes the Stage - Derek Manky goes in depth with this detailed article covering things like how IoT manufacturers will be held accountable for security breaches, how attackers will begin to turn up the heat in smart cities and if technology can close the gap on the critical cyber skills shortage. Each of his 6 predictions include a detailed description along with risks and potential solutions.

2017 security predictions – CIO always has a year-end prediction list and this year doesn’t disappoint. Rather than reviewing the obvious, they focus on things like Dwell time, or the interval between a successful attack and its discovery by the victim. In some cases, dwell times can reach as high as two years! They also detail how passwords will eventually grow up, how the security blame game will heat up and how mobile payments, too, will become a liability. Little different take and a good read.

Predictions for DevOps in 2017 – I’d be remiss if I didn’t include some prognosis about DevOps - one of the most misunderstood terms and functions of late. For DevOps, they will start to include security as part of development instead of an afterthought, we’ll see an increase in the popularity of containerization solutions and DZone sees DevOps principals moving to mainstream enterprise rather than one-off projects.

10 top holiday phishing scams – While many of the lists are forward-looking into the New Year, this one dives into the risks of the year end. Holiday shopping. A good list of holiday threats to watch out for including fake purchase invoices, scam email deals, fake surveys and shipping status malware messages begging you to click the link. Some advice: Don’t!

Bonus Prediction!

Top 10 Most Popular Robots to Buy in 2017 – All kinds of robots are now entering our homes and appearing in society. From vacuums to automated cars to drones to digital assistants, robots are interacting with us more than ever. While many are for home use, some also help with the disabled or help those suffering from various ailments like autism, a stroke or even a missing limb. They go by many monikers like Asimo, Spot, Moley, Pepper, Jibo and Milo to name a few.

Are you ready for 2017?

If you want to see if any of the previous year’s prognoses came true, here ya go:

Four outta Five DevCentral members will appear in person at #F5Agility 2016.

That’s right! Jason, John, Chase and yours truly will be in Chicago next week for F5’s annual gathering of customers and partners. The DevCentral area will be in the heart of the Solution Expo and we’ll be offering some short technical presentations throughout the event. We’ll also have some t-shirts to give away along with a few other goodies.

With 2016 crossing the half way point, let's take a look at some technology trends thus far.

Breaches: Well, many databases are half empty due to the continued rash of intrusions while the crooks are half full with our personal information. According to the Identity Theft Resource Center (ITRC), there have been 522 breaches thus far in 2016 exposing almost 13,000,000 records. Many are health care providers as our medical information is becoming the gold mine of stolen info. Not really surprising since the health care wearable market is set to explode in the coming years. Many of those wearables will be transmitting our health data back to providers. There were also a bunch of very recognizable names getting blasted in the media: IRS, Snapchat, Wendy’s and LinkedIn. And the best advice we got? Don’t use the same password across multiple sites. Updating passwords is a huge trend in 2016.

Cloud Computing: According to IDC, public cloud IaaS revenues are on pace to more than triple by 2020.From $12.6 billion in 2015 to $43.6 billion in 2020. The public cloud IaaS market grew 51% in 2015 but will slightly slow after 2017 as enterprises get past the wonder and move more towards cloud optimization rather than simply testing the waters. IDC also noted that four out of five IT organizations will be committed to hybrid architectures by 2018. While hybrid is the new normal remember, The Cloud is Still just a Datacenter Somewhere. Cloud seems to be more than half full and this comes at a time when ISO compliance in the cloud is becoming even more important.

DNS: I’ve said it before and I’ll say it again, DNS is one of the most important components of a functioning internet. With that, it presents unique challenges to organizations. Recently, Infoblox released its Q1 2016 Security Assessment Report and off the bat said, ‘In the first quarter of 2016, 519 files capturing DNS traffic were uploaded by 235 customers and prospects for security assessments by Infoblox. The results: 83% of all files uploaded showed evidence of suspicious activity (429 files).’ They list the specific threats from botnets to protocol anomalies to Zeus and DDoS. A 2014 vulnerability, Heartbleed, still appears around 11% of the time. DevOps is even in the DNS game. In half full news, VeriSign filed two patent applications describing the use of various DNS components to manage IoT devices. One is for systems and methods for establishing ownership and delegation of IoT devices using DNS services and the other is for systems and methods for registering, managing, and communicating with IoT devices using DNS processes. Find that half full smart mug...by name!

IoT: What can I say? The cup runneth over. Wearables are expected to close in on 215 million units shipped by 2020 with 102 million this year alone. I think that number is conservative with smart eyewear, watches and clothing grabbing consumer’s attention. Then there’s the whole realm of industrial solutions like smart tractors, HVAC systems and other sensors tied to smart offices, factories and cities. In fact, utilities are among the largest IoT spenders and will be the third-largest industry by expenditure in IoT products and services. Over $69 billion has already been spent worldwide, according to the IDC Energy Insights/Ericsson report. And we haven’t even touched on all the smart appliances, robots and media devices finding spots our homes. Get ready for Big Data regulations as more of our personal (and bodily) data gets pushed to the cloud. And we’re talking a lot of data.

Mobile: We are mobile, our devices are mobile and the applications we access are mobile. Mobility, in all its iterations, is a huge enabler and concern for enterprises and it'll only get worse as we start wearing our connected clothing to the office. The Digital Dress Code has emerged. With 5G on the way, mobile is certainly half full and there is no empting it now.

That's what I got so far and I'm sure 2016's second half will bring more amazement,questions and wonders. We'll do our year-end reviews and predictions for 2017 as we all lament, where did the Year of the Monkey go?

There's that old notion that if you see a glass half full, you're an optimist and if you see it half empty you are a pessimist. I think you need to understand what state the glass itself was before the question. Was it empty and filled half way or was it full and poured out? There's your answer!

The Year of the (Fire)
Monkey is upon us and the curious, playful, smart, opportunistic and
sometimes mischievous character could influence events throughout 2016. Whether
you were born under the symbol or not, Monkeys thrive on challenges and 2016 is
sure to bring some obstacles during the year.

2015 (Year of the
Sheep) brought us a rash of high profile breaches,
a bunch of new IoT devices and wearables,
continued, bigger clouds and innovative attacks on vulnerable infrastructures
along with the continuous deluge of big data. This is sure to continue as our
digital, software-defined lives connect and intersect with the things around us.
Organizations will need to extend their risk management focus to areas outside
their control like the cloud and social channels but also consider the human
element in all this. The new threats and heightened risk may put some companies
in peril due to the lack of knowledgeable security IT personnel available.

Mobility, both the state of being and the devices we use, will continue to
grow and be an immense enabler and/or inhibitor for organizations. Mobile is not
only the new shiny phone you got over the holidays but also all the IoT gadgets
looking for a place in our home, offices and bodies…along with how we interact
with them as humans. Cutting the cord will mean more than subscribing to some
streaming media service but the way of the wireless life. You are now the
device, controller and data generator. With that, security challenges like
authentication, privacy, malware/data protection, compliance and the management
of those services will be paramount.

And as our lives – personal and professional – continue to be chronicled on
the internet, thieves, nation states and activists will continue to be one step
ahead probing data and looking for that golden slab of info. Making money,
causing disruptions or outright take downs through online attacks are big
motivations for those seeking notoriety or simply a big score. But it’s not
always from the crook or spy half a globe away. Insider threats, malicious or
not, have made the traditional perimeter almost useless.

So while trends like cloud, mobility, IoT and big data will consume IT
departments, securing those trends and how they map to business objectives will
be the monkey on organizations back for 2016. Let’s try to be intelligent,
dignified, clever, optimistic, confident, agile and curious about our challenges
or the arrogant, deceptive, reckless and manipulative bad guys will get the best
of us.

It’s that time of year when we gift and re-gift, just like this text
from last year. And the perfect opportunity to re-post, re-purpose and re-use
all my 2015 blog entries. If you missed any of the 89 attempts including 59 videos, here they are
wrapped in one simple entry. I read somewhere that lists in blogs are good. I
broke it out by month to see what was happening at the time and let's be honest,
pure self-promotion.

With 2015 crossing the half way point, let's take a look at some technology
trends thus far.

Breaches: Well, many databases are half empty due to the
continued rash of intrusions while the crooks are half full with our personal
information. Data breaches are on a record
pace this year and according to the Identity Theft Resource Center (ITRC),
there have been 400 data incidents as of June 30, 2015. One more than this time
last year. And, 117,576,693 records had been compromised. ITRC also noted a 85%
increase in the number of breaches within the banking sector. From health care to government
agencies to hotel
chains to universities and even Major
League Baseball, breaches and attacks are now a daily occurrence.

Mobile: We are mobile, our devices are mobile and the
applications we access are now probably mobile also. Mobility, in all it's
connotations, is a huge concern for enterprises and it'll only get worse as we
start wearing our connected clothing to the office. The
Digital Dress Code has emerged. Mobile is certainly half full and there is
no empting it now.

Privacy: At this point with all the surveillance, data
breaches, gadgets
gathering our daily data and our constant need to tell the world what we're
doing every second, this is probably bone dry. Pardon, half empty, sticking to
the theme.

That's what I got so far and I'm sure 2015's second half will bring more
amazement, questions and wonders. We'll do our year in reviews and predictions
for 2016 as we all lament, where did 2015 go? There is that old notion that if
you see a glass half full, you're an optimist and if you see it half empty you
are a pessimist. Actually, you need to understand what the glass itself was
before the question. Was it empty and filled half way or was it full and poured
out? There's you answer!

From Baby Boomers to Gen X, Y, & Z, there are certain characteristics
that define, at least according to demographers and historians, each generation.
Generation X, specifically, might also remember a Rush song called The Analog Kid.
While not as frequently played as Tom Sawyer or Subdivisions,
it has always been my favorite Rush song. Driving
bass, awesome guitar solo, amazing imagery
and Peart.

I am that Generation. The Analog Generation.

With all of our digital things getting connected, including things on and in
our body, I started thinking that I'm part of the generation that transitioned
from analog to digital. Not that analog or analog signals are disappearing
anytime soon, but as a kid, there were way more analog things than digital,
that's for sure. Audiophiles will also argue that analog
recordings are better at capturing the true representation of sound due to
it being continuous, rather than specific values to represent sound, as in the
discrete digital.

I wondered if I was the only one who figured this out - highly doubtful - so
I searched. And actually, there are a few people who have made the connection.
One who argues that today's
kids, at least his kids, are very analog. They love playing outside, playing
board games and other non-digital activities. He talks about the importance of
parents giving their children attention in the real world. And
the other one specifically talks about the analog things we remember as a
kid - records, 8mm, rotary phones, black & white TV, VHS and others verses
the CDs, DVDs, iPhones and HD TVs today's kids live with.

Some feel that
Rush's The Analog Kid is about a more innocent time with less
technology in the world, longing for the simpler days. A cautionary tale. One
person notes, 'Perhaps Peart's social comment with the two songs is how
technology and science creates incredible wonders, but there's a cruel price to
pay if there's no heart to guide it.' The other song he references is
Digital
Man, also on the Signals album. When
I hear The Analog Kid it immediately takes me back to 1982 and whatever
I was doing in high school. It is interesting that I took my first computer
class in high school around that time...while still learning how to type...on a
real typewriter. If you remember those, with the little IBM ball to change
fonts, you're analog.

The last lines of the song are:

Too many hands on my time Too many feelings Too many
things on my mind

When I leave I don't know What I'm hoping to find
When I leave I don't know What I'm leaving
behind...

We are certainly entering a new realm with IoT with a lot of hopes, dreams
and ideas of things to come. And while they all might help us automatically
adjust home temperatures, become a little healthier, auto drive our car, keep an
eye on our home, and cook better dinners, we can't forget that humans are social
creatures, not necessarily social media darlings, and our real family, friends
and loves are what really matter.